ISO 27001 Published Today

#1 (**permalink**) 10-18-2005, 07:02 PM

ISO 27001 has, after months in final draft, finally been published as
an official ISO standard.

This particular standard defines an 'Information Security Management
System' (commonly known as an ISMS), and compliments the existing ISO
17799 standard. It basically specifies a best practice framework for
the design and maintenance of information security processes within an
organization.

The two standards are closely aligned and interlinked, but have very
distinct roles:

ISO 17799
This lists many hundreds of individual and detailed security controls,
which may be selected as part of the security management system.

ISO 27001
This specifies the overall requirements for the security management
system itself. It is this document, as opposed to 17799, against which
a certification route is offered. ISO 27001, which was built upon an
earlier version of BS7799, has also been made more compatible with
other management standards.

THE GLOBAL IMPACT
The publication of the new standard is likely to herald a rapid
increase in interest in both information security generally and
certification specifically. Organizations already certified via
BS7799-2 will take a transitional route, whereas the international
status of the new standard is certain to have an impact on the numbers
following the certification or compliance route.

This has already started to manifest itself in terms of the record
number of pre-orders for the new standard, and the recent membership
increases of the Online ISO 17799 User Group (located at
http://www.17799.com).

OFFICIAL SOURCES
The new standard can be obtained via:
StandardsDirect (BSI): http://17799.standardsdirect.org

It will also be available via SNV shortly from the following page:
Standards Online:
http://www.standards-online.net/Info...tyStandard.htm

Finally, the support kit for the standard has also been updated to
reflect todays changes: http://www.17799-toolkit.com

FURTHER INFORMATION
Additional information on both these standards can be obtained from the
ISO 17799 News website at:
http://17799-news.the-hamster.com

#2 (**permalink**) 10-20-2005, 01:01 AM

The information is useful! Thanks,

"Sue Thomas" <sue@the-hamster.com> wrote in message
news:1129662125.376476.281750@g44g2000cwa.googlegr oups.com...
> ISO 27001 has, after months in final draft, finally been published as
> an official ISO standard.
>
> This particular standard defines an 'Information Security Management
> System' (commonly known as an ISMS), and compliments the existing ISO
> 17799 standard. It basically specifies a best practice framework for
> the design and maintenance of information security processes within an
> organization.
>
> The two standards are closely aligned and interlinked, but have very
> distinct roles:
>
> ISO 17799
> This lists many hundreds of individual and detailed security controls,
> which may be selected as part of the security management system.
>
> ISO 27001
> This specifies the overall requirements for the security management
> system itself. It is this document, as opposed to 17799, against which
> a certification route is offered. ISO 27001, which was built upon an
> earlier version of BS7799, has also been made more compatible with
> other management standards.
>
>
> THE GLOBAL IMPACT
> The publication of the new standard is likely to herald a rapid
> increase in interest in both information security generally and
> certification specifically. Organizations already certified via
> BS7799-2 will take a transitional route, whereas the international
> status of the new standard is certain to have an impact on the numbers
> following the certification or compliance route.
>
> This has already started to manifest itself in terms of the record
> number of pre-orders for the new standard, and the recent membership
> increases of the Online ISO 17799 User Group (located at
> http://www.17799.com).
>
>
> OFFICIAL SOURCES
> The new standard can be obtained via:
> StandardsDirect (BSI): http://17799.standardsdirect.org
>
> It will also be available via SNV shortly from the following page:
> Standards Online:
> http://www.standards-online.net/Info...tyStandard.htm
>
> Finally, the support kit for the standard has also been updated to
> reflect todays changes: http://www.17799-toolkit.com
>
>
>
> FURTHER INFORMATION
> Additional information on both these standards can be obtained from the
> ISO 17799 News website at:
> http://17799-news.the-hamster.com
>